Usually about a paragraph in length, we expect an easy to digest summary of the vulnerability here. Something we can explain to our peers or use to motivate a patching request or update.
Use your judgement to determine how severe the vulnerability is here. A discussion about its impact and potential role in an attack can also be used to motivate your assessment here. No need to be dramatic; be factual, everyone will thank you for it.
This here is your PoC.$ext, and its various artifacts needed to reproduce the vulnerability:
#include funcode
Take your time here, this will be the meat of your report.
If you have an idea about how to fix this, please help the maintainers with a suggestion here.
Be precise about your disclosure timeline here. If you include your timeline in the initial report, it stays clear about what kinds of delays you are able to offer, and helps the product / project owners plan their response accordingly as well. Recommended blob:
This vulnerability, the proof of concept and its analysis will be made public 90 days from now. If the issue is not fixed in time, the proof of concept code and detailed analysis will be further delayed by 30 days.